Managed access to mobile endpoints

ABSTRACT

In one implementation, a method for managing access to mobile endpoints leverages the always-on nature of a first internet layer protocol to expand the reach of a second internet layer protocol. A network device receives a request originating from a remote host. The request includes a domain name of a mobile endpoint. The network device queries a database using the domain name for a first address of the mobile endpoint as designated according to the first internet layer protocol. The network device transmits a wake up message to the mobile endpoint using the first address. A data bearer for communication with the second internet layer protocol is established based on the wake up message, and a second address is assigned to the mobile endpoint. The second address is forwarded to the remote host, allowing communication between the remote host and the mobile endpoint.

FIELD

The present disclosure relates to managed access to mobile endpointsincluding a secure wake-up of offline mobile endpoints.

BACKGROUND

The exhaustion of the address space of the internet protocol version 4(IPv4) has been a concern for decades. Early predictions warned thatIPv4 would have been depleted years ago. In 2011, by some measures, someparts of the world have depleted their IPv4 supply. However, thetransition to Internet Protocol Version 6 (IPv6) is just beginning togain momentum. Until IPv6 becomes pervasive, the use of IPv4 addressesfor service delivery will continue to dominate.

The address space of IPv6 has about 3.4×10³⁸ addresses, which providesflexibility in address allocation and theoretically sufficient for everyperson on earth to be allocated millions of unique addresses. A largenumber of people may access the Internet using several devices, each ofwhich may have a unique address under IPv6 rather than relying onnetwork address translation, in which all of the devices in a localnetwork appear to have the same address to the rest of the Internet.However, until the infrastructure of the Internet has transitioned toIPv6, services relying on IPv4 will remain ubiquitous. Thus, mobiledevices may include dual IPv4 and IPv6 functionality. IPv4 addressescannot be permanently assigned to every device, however, the IPv6functionality, may be leveraged to expand the reach of IPv4 services.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a first embodiment of a communication system formanaged access to mobile endpoints.

FIG. 2 illustrates a second embodiment of a communication system formanaged access to mobile endpoints.

FIG. 3 illustrates an example of the gateway of FIG. 1 or FIG. 2.

FIG. 4 illustrates an example timing diagram for managed access to themobile node.

FIG. 5 illustrates an example flow chart for the operation of thegateway of FIG. 1 or FIG. 2.

DETAILED DESCRIPTION Overview

In one aspect, a method includes receiving a request originating from aremote host and querying a database using the domain name of a mobilenode included in the request for a first address of the mobile node asdesignated according to a first internet layer protocol. A wake upmessage is transmitted to the mobile node using the first address. Thewake up message includes an identity of the remote host. A secondaddress of the mobile node as designated according to a second internetlayer protocol is assigned to the mobile node in response to the wake upmessage and forwarded to the remote host.

In a second aspect, an apparatus includes a database, a processor, and acommunication interface. The database is configured to store at leastone domain name associated with a first Internet layer protocol and asecond internet layer protocol. The processor is configured to query thedatabase using a domain name based on receipt of a remote host requestto receive a first address associated with the first internet layerprotocol and configured to generate a wake up message to a mobile nodeusing the first address. The wake up message includes a command toestablish a data bearer for the second internet layer protocol. Thecommunication interface is configured to transmit the wake up message tothe mobile node and to receive a second address of the mobile nodedesignated according to the second internet layer protocol.

In a third aspect, a computer readable medium includes instructions toidentify a domain name from a communication request originating at aremote router and naming a mobile router, query a database using thedomain name for an IPv6 address of the mobile router, transmit a wake upmessage to the mobile router using the IPv6 address, receive an IPv4address of the mobile router, and forward the IPv4 address to the remoterouter.

Example EMBODIMENTS

The first three generations of wireless telephony or telecommunicationnetworks rely on circuit switching (CS). CS requires that two networksmaintain a dedicated communications channel, which may be referred to asa circuit. The dedicated communications channel is an electricalconnection that cannot be used by other callers. The first generation ofwireless telephony (1G) networks was based on analog systems. The secondgeneration of wireless telephony (2G) added digital techniques includingencryption but remain circuit switched communication. The thirdgeneration of wireless telephony (3G) and some intermediate technologies(e.g., 2.5G) are based on two parallel infrastructures consisting ofcircuit switched and packet switched network domains.

The fourth generation of wireless telephony (4G), however, is based onpacket switching only, which requires all services provided overcellular networks to eventually be compatible with packet switchedcommunication. Because exhaustion of internet protocol version 4 (IPv4)addresses was projected to occur before the deployment of 4G networks,internet protocol version 6 (IPv6) is fully supported by 4Ginfrastructures, and carriers may require all 4G enabled devices tosupport IPv6. However, current projections predict that IPv4 serviceswill be prevalent worldwide for many years to come and most mobiledevice will support both IPv4 and IPv6.

As described in the following embodiments the dual support of IPv4 andIPv6 in many mobile devices permits an enhanced managed access to themobile devices, in which the IPv6 connectivity is leveraged for use inIPv4 services. In 1G, 2G, and 3G networks, an incoming voice call or ashort message service (SMS) message on a mobile device are the onlyalways-on services. After the mobile device is turned on, the mobiledevice logically connects to the network and, after a short amount oftime, an indicator (e.g., a green light) informs the user that themobile device can either originate or receive calls and SMS messages.However, in the data world of 3G and earlier technologies, a service orapplication must be initiated by the user of the mobile device in orderto receive incoming data. There is no always-on “phone number” in thedata world.

On the other hand, 4G networks, using unique addresses for every device,allow always-on connectivity in IPv6 data services. The always-onconnectivity of IPv6 data services may be harnessed to wake up a mobiledevice so that the mobile device may receive other data services (e.g.,IPv4 data services).

FIG. 1 illustrates a first embodiment of a communication system formanaged access to mobile endpoints. The communication system includes alocal area network 100, a gateway 103, and a remote network 105. Theremote network 105 may be the Internet, a private network, or anynetwork including at least one remote host. The remote host may be arouter or an endpoint such as a computer or a server.

The local area network 100 includes a mobile device 101 and a pluralityof endpoints 102. The mobile device 101 may be a mobile router, a mobileaccess point, a cellular router, or any device including a cellular datamodem. For example, the mobile device 101 may be any device including asubscriber identity, such as a subscriber identity module (SIM) card.The SIM card is an integrated circuit that stores a service subscriberkey that uniquely identifies the mobile device 101. An example servicesubscriber key is the international mobile subscriber identity (IMSI).The SIM card may be removable. One specific example of the mobile device101 is an Integrated Services Router Generation 2 (ISRG2) manufacturedby Cisco Systems of San Jose, Calif. The mobile device 101 may create amobile hotspot for data communications with the plurality of endpoints102.

The plurality of endpoints 102 may include wired endpoints and/orwireless endpoints. The wireless endpoints may include, but are notlimited to, a tablet computer 102 a, a smart phone 102 b, a television,a video game system, an electronic reader, a digital photo frame, adigital versatile disc player, a handset, or any wireless device. Thewired endpoints may include, but are not limited to a voice overinternet (VOiP) phone 102 c, a personal computer 102 d, a laptopcomputer, or any wired device include a network interface card.Alternatively, the mobile device 101 may be a single endpoint such asany of the above wireless devices.

The mobile device 101 is in communication with a carrier network 106,including a cellular antenna. The carrier network 106 is a serviceprovider such as a wireless telephony company. The carrier network 106connects to the network 105 by way of gateway 103.

The gateway 103 receives a request originating from a remote host. Theremote host may be any device connected to the network 105 capable ofInternet protocol communications. The request may include a uniqueidentifier, such as a domain name of at least one of the endpoints 102or mobile device 101, referred to collectively as mobile nodes. Themobile device may be any device equipped with cellular communication andpacket-switched communication. The unique identifier may, for example,be a fully qualified domain name (FQDN) or absolute domain name. TheFQDN specifies an unambiguous and exact location of the mobile node asdefined by the domain name system (DNS). Example FQDNs includehostname.example.com and 4085551234.verizon.net. The FQDN of the mobilenode is a permanent address that cannot typically be changed. The FQDNis associated with the SIM card and can be transferred between mobileequipment/nodes by removing the SIM card from one device and installingthe SIM card in another device.

The remote host may send the request to a public DNS server to resolvethe FQDN of the mobile node. The request, through the DNS hierarchy ofthe Internet, may be forwarded to the corresponding service provider.Ultimately, the request is received at gateway 103. The gateway 103 mayact as a dynamic DNS server that automates the discovery andregistration of the IP address of the mobile nodes. The gateway 103 isconfigured to query a database using the FQDN for an address of themobile node.

If the mobile node is already ‘online’, the gateway 103 accesses theaddress of the mobile device as designated according to IPv4 and returnsthe IPv4 address of the mobile node to the remote host in response torequest or in response to the DNS query. The term ‘online’ means that anappropriate data bearer (i.e. IPv6 bearer) has been established for themobile node.

If the mobile device is not ‘online’ when the gateway 103 receives therequest or DNS query, the gateway 103 accesses the address of the mobiledevice as designated according to IPv6 and transmits a wake up messageto the mobile node using the IPv6 address. The wake up message includesa command to establish an IPv4 data bearer. The wake up message may alsoinclude an identity of the remote host, which may be the source IPaddress of the remote host. The wake up message may be encrypted using aunique identifier, such as the IMSI of the SIM card of the mobile node.The wake up message may include other useful data such as security data,policy data, or authentication data.

In response to the wake up message, the mobile node and gateway 103establish an IPv4 data bearer and acquires a second address from thecarrier network 106. The second address of the mobile node is an IPv4address. The gateway 103 records the IPv4 address of the mobile node inthe database. The IPv4 address may be recorded as an A type DNS recordas defined by RFC 1035. The gateway 103 forwards the second address tothe remote host. As result, the remote host may communicate, access,manage, retrieve data, or send commands to the mobile node.

The communication between the remote host and the mobile node may be anytype of data service. Many data services such as remote access to acomputer, are easily performed using cable, coaxial, satellite, digitalsubscriber lines, or other ‘always on’ broadband connections. These dataservices are now possible using the disclosed embodiments when theendpoint is behind a mobile router. Particularly advantageous scenariosoccur where the mobile device is located far from administrators. Forexample, in a smart grid system, a wireless utility node (utility meter)can be woken up and accessed by a remote server to report utilityconsumption data related to electricity, water, or another utility.Further, analytic data may be pushed on demand at any time. The mobilenode may also be set up and configured remotely. In addition, patches,software, updates, or new configurations may be sent to the mobile nodewithout any initiation, approval, or user presence at the mobile node.Other advantageous implementations may be made in VOiP technologies, inwhich incoming calls can be received at the mobile node withoutpreviously establishing a data bearer for the VOiP. Other applicationsinclude vending machines, automobile diagnostics, weather stations, andmesh networks, but any packet switched communication is possible usingthe described embodiments.

FIG. 2 illustrates a second embodiment of a communication system formanaged access to mobile endpoints. The communication system includes alocal area network 100, a carrier network 106, a home serving system113, a managing mobility entity (MME) 111, a serving gateway 107, apacket data network (PDN) gateway 109, and a remote network 105. Thecarrier network 106, the remote network 105 and the local area network100 include the features and components described above with respect toFIG. 1.

The communication system of FIG. 2 is a 4G long term evolution (LTE)environment as established and maintained by the 3rd GenerationPartnership Project (3GPP). The mobile device 101 may be configuredusing any suitable radio transmission technology such as global systemfor mobile communication (GSM), general packet radio service (GPRS),universal mobile communication system (UMTS), or code division multipleaccess (CDMA). Either of the serving gateway 107 or the PDN gateway 109may be configured to allow managed access to mobile endpoints, howeverthe following is discussed with respect to the PDN gateway 109. Theserving gateway 107 also acts as the mobility anchor for when movementof the mobile node requires a change in base station as defined by 3GPPTS 23.401 (www.3gpp.org/ftp/Specs/html-info/23401.htm).

The home subscribe server 113 includes a database defining subscriberprofiles containing subscriber related data for all of the mobile nodesof the carrier network. The subscriber profiles may include subscribernames, a list of permissions, roaming rights, restrictions, type ofsubscribed services, etc. Further the home subscribe server 113 mayinclude billing data.

The managing mobility entity (MME) 111 is the key control-node for thecommunication system. The MME authenticates the mobile node by accessingthe subscriber profiles from the HSS. The MME tracks the mobile nodesmoving from one cellular cell to the next.

FIG. 3 is a detailed view of the gateway 103 or PDN gateway 109, whichincludes a controller 213, a memory 211, a communication interface 217,and a database 219. Alternatively, the device of FIG. 3 could be anynetwork device including network appliances, servers, routers, gateways,load balancers, firewalls, or any suitable Layer 3 device.

The memory 211 may include a database configured to store at least onedomain name associated with a first internet layer protocol and a secondinternet layer protocol. For example, the at least one domain name maybe a unique and unambiguous identity of a mobile node as described by aFQDN. The memory 211 may also include a list of established data bearersfor each of the domain names. Each FQDN may be associated with a firstdata bearer entry (e.g., IPv6 data bearer) and a second data bearerentry (e.g., IPv4 data bearer). If the memory 211 includes an address orother data in either bearer entry, the respective data bearer has beenestablished, which indicates the reachability of the mobile node.

The IPv6 data bearer is an IP multimedia system (IMS) data bearer. IMSis the framework developed by 3GPP for delivering IP multimedia servicesover cellular networks. The framework is defined by 3GPP TS 23.228(www.3gpp.org/ftp/Specs/html-info/23228.htm).

The gateway 103 or PDN gateway 109 is a node on the path between themobile node and the remote host. The remote host initiates communicationwith the mobile node by generating a remote host request. The remotehost request includes the domain name of the mobile node and the sourceIP address of the remote host. The remote host request may includeadditional fields, that when applied at the mobile node, may change theoperational behavior of the mobile node. These data items may also besent in a protocol configuration option (PCO) field. The remote hostsends the remote host request to a public DNS server or directly to thegateway 103 or PDN gateway 109. If the remote host request is sent tothe public DNS server the normal DNS hierarchy takes over and eventuallythe remote host request is forwarded to the gateway 103 or PDN gateway109. Therefore, in either scenario the controller 213 receives theremote host request by way of the communication interface 217.

The controller 213 is configured to query the database in the memory 211using the domain name of the mobile node included in the remote hostrequest in order to check whether the database includes the secondaddress. If the database includes the second address, then a data bearerfor IPv4 has already been established. If the IPv4 data bearer hasalready been established then the controller 213 forwards the secondaddress to the remote host, and communication between the remote hostand the mobile node may proceed.

However, if the database does not include the second address, the mobilenode must be woken up to establish the IPv4 data bearer. The controller213 receives a first address associated with the first internet layerprotocol (e.g., IPv6) from the database and generates a wake up messageincluding the first address (e.g., IPv6). The wake up message may alsoinclude the source IP of the requesting remote host and authenticationdata.

The communication interface 217 is configured to transmit the wake upmessage to the mobile node using the first address. The wake up messageincludes a command to establish a data bearer for the second internetlayer protocol (e.g., IPv4). The wake up message may also be a multicastmessage intended for all or a subset of mobile device 102. Thecommunication interface 217 receives a second address of the mobile nodeas designated according to the second internet layer protocol (e.g.,IPv4).

The controller 213 associates the second address with the domain name bystoring the second address to the database in the memory 211. Thecontroller 213 generates a response message including the second addressand forwards the response message to the remote host. The remote hostnow may communicate with the mobile node using the second address andassociated data bearer.

The memory 211 may be any known type of volatile memory or anon-volatile memory. The memory 211 may include one or more of a readonly memory (ROM), dynamic random access memory (DRAM), a static randomaccess memory (SRAM), a programmable random access memory (PROM), aflash memory, an electronic erasable program read only memory (EEPROM),static random access memory (RAM), or other type of memory. The memory211 may include an optical, magnetic (hard drive) or any other form ofdata storage device. The memory 211 may be located in a remote device orremovable, such as a secure digital (SD) memory card.

The memory 211 may store computer executable instructions for filteringand routing communication session requests. The controller 213 mayexecute computer executable instructions. The computer executableinstructions may be included in computer code. The computer code may bewritten in any computer language, such as C, C++, C#, Java, Pascal,Visual Basic, Perl, HyperText Markup Language (HTML), JavaScript,assembly language, extensible markup language (XML) and any combinationthereof.

The computer code may be stored in one or more tangible media or one ormore non-transitory computer readable media for execution by thecontroller 213. A computer readable medium may include, but is notlimited to, a floppy disk, a hard disk, an application specificintegrated circuit (ASIC), a compact disk CD, other optical medium, arandom access memory (RAM), a read only memory (ROM), a memory chip orcard, a memory stick, and other media from which a computer, a processoror other electronic device can read.

The controller 213 may include a general processor, digital signalprocessor, application specific integrated circuit, field programmablegate array, analog circuit, digital circuit, server processor,combinations thereof, or other now known or later developed processor.The controller 213 may be a single device or combinations of devices,such as associated with a network or distributed processing. Any ofvarious processing strategies may be used, such as multi-processing,multi-tasking, parallel processing, remote processing, centralizedprocessing or the like. The controller 213 may be responsive to oroperable to execute instructions stored as part of software, hardware,integrated circuits, firmware, micro-code or the like.

The communication interface 217 may include any operable connection. Anoperable connection may be one in which signals, physicalcommunications, and/or logical communications may be sent and/orreceived. An operable connection may include a physical interface, anelectrical interface, and/or a data interface. An operable connectionmay include differing combinations of interfaces and/or connectionssufficient to allow operable control. For example, two entities can beoperably connected to communicate signals to each other or through oneor more intermediate entities (e.g., processor, operating system, logic,software). Logical and/or physical communication channels may be used tocreate an operable connection. As used herein, the phrases “incommunication” and “coupled” are defined to mean directly connected toor indirectly connected through one or more intermediate components.Such intermediate components may include both hardware and softwarebased components.

FIG. 4 illustrates an example timing diagram for managed access with themobile device 101. The process begins on the right of the timing diagramat the remote host or remote router 412. At stage (1), the remote router412 attempts to initiate a communication session with the mobile device101 by generating a request including the FQDN of the mobile device 101.

At stage (2), the remote router 412 may employ the services of a publicDNS server 410 by sending the request to the DNS hierarchy of theInternet 411. The request includes the domain name of the mobile device101 and the source IP address of the remote router 412.

At stage (3), the public DNS server 410 does not return any results forthe address of the mobile device 101. The public DNS server 410 forwardsthe DNS query to the relevant service provider. Eventually, the DNSquery reaches the gateway 103, which acts as a dynamic DNS server.

At stage (3 a), the gateway 103 queries the database to determinewhether an IPv4 data bearer has already been established. If the IPv4data bearer has already been established for the mobile device 101, thenthe mobile device 101 is already online. Accordingly, the gateway 103returns the IPv4 address to the remote router 412.

The gateway 103 may also perform an authorization check on the remoterouter 412 to prevent rogue access to the mobile device 101. Theauthorization check may occur before or after the gateway 103 determineswhat data bearers have been established. A list of authenticated hostsmay be stored in database 219 or external to the gateway 103, forexample, at the HSS. The gateway 103 checks the source IP of the remoterouter 412 against the list of authenticated hosts and generates a flagor other data to indicate that the remote host has been authenticated.Alternatively, the list of authenticated hosts may be stored at themobile device 101 and the mobile device 101 may be configured togenerate the flag or other data to indicate that the remote host hasbeen authenticated.

In addition, the list of authenticated hosts may specify a level ofauthentication. For example, different remote hosts may be givendifferent levels of access. A low level of access may be assigned to allrequesting remote hosts that allow only incoming calls or texts. Amedium level of access may be assigned to known remote hosts that allowsany IP services but does not allow the remote host to change theconfiguration of the mobile device 101. A high level of access may beassigned to administrators that allows control and management of themobile device 101 including configuration settings and software changesto the mobile device 101. The list of authenticated hosts may specify anaccess level for each remote host, and the gateway 103 may generateaccess level data for the remote host that initiated the communicationrequest.

The gateway 103 may generate temporary security credentials for theremote host based on the list of authenticated hosts. The temporarysecurity credentials authorize remote management of the mobile device101 by the remote host. The temporary security credentials may be storedon database 219 or externally, such as on HSS 113.

Alternatively, the gateway 103 may include a policy engine to indicateto the mobile node the type of data than can be sent to the requestingremote entity. Policy and charging rules function (PCRF) determinespolicy rules in the carrier network 106.

At stage (4), if the IPv4 data bearer has not been established,indicating that the mobile device 101 is not already online, the gateway103 access the IPv6 address associated with the mobile device 101. Thegateway 103 generates a wake up message including the IPv6 address andsends the wake up message to the mobile device 101. The wake up messagemay include one or more of an authentication flag, access level data,temporary security credentials and/or policy data as described above.

At stage (5), the mobile device 101 receives the wake up message andrequests an IPv4 address from the carrier network 106 to establish theIPv4 data bearer. If the remote host is not authorized for datacommunication with the mobile device 101, or not authorized for therequested level of data communication, the mobile device 101 declines orblocks the wake up message. Accordingly, the mobile device 101 maygenerate an error message, which is transmitted directly to the remotehost or indirectly by way of the gateway 103. Alternatively, the gateway103 may generate the error message based on the list of authenticatedhosts or other policies and transmit the error message to the remotehost.

At stage (6), if the remote host is sufficiently authenticated, thegateway 103 records the IPv4 address of the mobile device 101 in the DNSA record of the database. The gateway 103 also forwards the IPv4 addressas a DNS query response to the public DNS server 410. The public DNSserver 410 forwards the IPv4 to the remote router 412. The remote router412 can now communicate with the mobile device 101. The remote router412 may access, manage, configure, or retrieve data from the mobiledevice 101.

FIG. 5 illustrates an example flow chart for the operation of thegateway of FIG. 1 or FIG. 2. At act S501, the controller 213 receives arequest originating from a remote host for a communication with a mobilenode. The request may be a session initiation protocol (SIP) or othertype of Internet Multimedia System (IMS) call. The request may besoftware or patch upload for the mobile node or any device connectedbehind the mobile node. The mobile node may be a user device such as asmart phone or a network device such as a mobile router.

At act S503, the controller 213 processes the request from the remotehost to identify the domain name of the mobile node. The domain name isa publicly available static address of the mobile node such as the FQDN.The domain name is indexed in the database 219 (or an external database)with one or more IP addresses. If the IPv4 address of the mobile node isincluded in the database 219, the controller 213 generates a responsemessage for the remote host including the IPv4 address. If the IPv4address of the mobile node is not included in the database 219, thecontroller 213 access the IPv6 address for the mobile node. The IPv6address is generally always present because IMS-IPv6 bearer on a mobiledevice is permanently on and reachability with the carrier network 106is maintained at all times.

At act S507, the controller 213 generates a wake up message for themobile node. The wake up message, at a minimum, includes a command tothe mobile device to establish an IPv4 data bearer. In addition, thewake up message may include the source IP address of the remote host andauthentication data. The authentication data may indicate an authorizedsecurity level of the remote host or temporary security credentials.

At act S509, the controller 213 receives the IPv4 address of the mobilenode. The controller 213 may store the IPv4 address of the mobile nodein the database 219 and/or transmit the IPv4 address to the public DNSserver 410. The controller 213 generates a response message includingthe IPv4 address and at act 5511 forward the response message and theIPv4 address to the remote host.

The embodiments described above manage access by leveraging the alwayson nature of IPv6 data bearer to wake up a mobile device and establishan IPv4 data bearer. Once the IPv4 data bearer is established any IPservices are available to the remote host and mobile node. The servicesmay be user services such as VOiP, software update services, dataretrieval services, or configuration services.

Various embodiments described herein can be used alone or in combinationwith one another. The foregoing detailed description has described onlya few of the many possible implementations of the present embodiments.For this reason, this detailed description is intended by way ofillustration, and not by way of limitation.

We claim:
 1. A method comprising: receiving a request originating from aremote host, wherein the request includes a domain name of a mobilenode; querying a database using the domain name for a first address ofthe mobile node as designated according to a first internet layerprotocol; transmitting a wake up message to the mobile node using thefirst address, wherein the wake up message includes an identity of theremote host; receiving a second address of the mobile node as designatedaccording to a second internet layer protocol, wherein the secondaddress is assigned to the mobile node in response to the wake upmessage; and forwarding the second address to the remote host.
 2. Themethod of claim 1, wherein the first internet layer protocol is IPv6 andthe second internet layer protocol is IPv4.
 3. The method of claim 1,wherein the request originating with the remote host is received from apublic domain name system (DNS) server.
 4. The method of claim 1,wherein the mobile node is a cellular router configurable or manageableby the remote host.
 5. The method of claim 1, further comprising:comparing the identity of the remote host to an authorized host list;and blocking the wake up message if the identity of the remote host isnot in the authorized host list.
 6. The method of claim 1, wherein thewake up message includes temporary security credentials configured toestablish a temporary session between the mobile node and the remotehost.
 7. The method of claim 1, further comprising: storing the secondaddress of the mobile node as designated according to the secondinternet layer protocol in the database.
 8. The method of claim 1,wherein the wake up message includes a command to establish a databearer using the second internet layer protocol.
 9. The method of claim1, wherein the request includes a request to install a software patch onthe mobile node or change a configuration of the mobile node.
 10. Anetwork device comprising: a database configured to store at least onedomain name associated with a first Internet layer protocol and a secondInternet layer protocol; a processor configured to query the databaseusing a domain name based on receipt of a remote host request to receivea first address associated with the first internet layer protocol andconfigured to generate a wake up message to a mobile node using thefirst address, wherein the wake up message includes a command toestablish a data bearer for the second Internet layer protocol; and acommunication interface configured to transmit the wake up message tothe mobile node and to receive a second address of the mobile nodedesignated according to the second internet layer protocol.
 11. Thenetwork device of claim 10, wherein the processor forwards the secondaddress to a source of the remote host request.
 12. The network deviceof claim 10, wherein the first internet layer protocol is IPv6 and thesecond internet layer protocol is IPv4.
 13. The network device of claim10, wherein the processor is configured to check whether the databaseincludes the second address of the mobile node as designated accordingto the second internet layer protocol, and if the database includes thesecond address, forwarding the second address to a source of the remotehost request.
 14. The network device of claim 10, wherein the processoris configured to identify a source of the remote host request and queryfor the source of the remote host request in an authorized hostdatabase.
 15. The network device of claim 10, wherein the mobile node isa utility meter and the wake up message instructs the utility meter toreturn utility consumption data.
 16. A non-transitory computer readablemedium storing instructions that, when executed, operable to: identify adomain name from a communication request originating at a remote routerand naming a mobile router; query a database using the domain name foran IPv6 address of the mobile router; transmit a wake up message to themobile router using the IPv6 address, wherein the wake up messageincludes an identity of the remote router; receive an IPv4 address ofthe mobile router; and forward the IPv4 address to the remote router.17. The non-transitory computer readable medium of claim 16, wherein thewake up message includes temporary security credentials configured toestablish a temporary session with the remote router.
 18. Thenon-transitory computer readable medium of claim 16, wherein thecommunication request is a voice over internet protocol call initiatedby the remote router.
 19. The non-transitory computer readable medium ofclaim 16, wherein the wake up message includes a command to establish anIPv4 data bearer.
 20. The non-transitory computer readable medium ofclaim 16, the instructions further operable to: query for the identityof the remote router in an authorized host database; and block the wakeup message if the identity of the remote router is not in the authorizedhost database.